Privacy policy
INTRODUCTION
This website is owned and managed by From-Earth Jewellers. We are committed to protecting the privacy of our customers and website visitors. Personal information collected through this website is used solely by us and its agents to communicate with and to deliver goods and services to you. We do not share any customer information with any third parties unless required to do so by law.
To comply with the EU General Data Protection Regulation (GDPR) regulation, this Privacy Policy provides information on what data is collected from users of our website, how the data is collected and what it is used for.
Please read our Privacy Policy to understand how personal information submitted by you on this website, and data on your use of this website may be collected and used.
WHO WE ARE
The owner and data controller of this website is From-Earth Jewellers (referenced to as “We”, “Us” or “Our” in this document).
If you have any enquiries about this Privacy Policy or about our use of your personal information, you may contact us by email at info@from-earth.co.uk
WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase or register on our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address, contact number and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address to provide us with information that helps us learn about your browser and operating system.
Email marketing - With your permission, we may send you emails about our store, new products, and other updates.
CONSENT
When you provide us with any personal information for whatever reason, we imply that you consent to our collecting your personal information and using it for that specific reason only.
You may withdraw from marketing by emailing us at info@from-earth.co.uk.
DISCLOSURE
We have to disclose your personal information if we are requested by law to do so or if you violate our Terms of Service, for example if we suspect fraudulent activity on our website.
THIRD PARTY SERVICES
Any third-party provider used by us will collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
Shopify
Our store is hosted on Shopify. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases, and the general Shopify application. Shopify store your data on a secure server behind a firewall.
Please note that your data will be transferred outside of Europe, including to Canada and the United States for the purpose of processing your transactions. You can read about how Shopify uses your personal data at https://www.shopify.com/legal/privacy.
We use Google Analytics to continually improve our products and services by monitoring traffic to our website, including the number of visitors, which pages are visited, the time spent on web pages and the links which brought visitors to our website.
Google analytics also provides us with anonymous information about our website visitors, which may include, for example, geographical location and demographics. This information is non-personal and is not linked to your personal information (for example, your IP Address). You can read about how Google uses your personal information at https://www.google.com/intl/en/policies/privacy.
Payment Gateways
If you make a purchase on our website using a debit or credit card, Shopify stores your card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS) and stored using AES-256 Encryption. PCI-DSS is managed by the PCI Security Standards Council, which is a joint effort of brands including Visa, Mastercard and American Express.
If you choose Paypal or any other payment gateway we make available on our website, they have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the way your personal information will be handled by these providers.
COOKIES
Cookies are used by this website for it to function properly. A cookie is a small piece of data that is stored by your web browser for a period of time - an example is when you add a product to your shopping cart a cookie stores this information - this lets you continue browsing and return to your cart to check out when you are ready.
We also use cookies and similar web technologies to monitor the use and performance of our website, including receiving anonymous information about our visitors through Google Analytics.
Please read our Cookies Policy for information about the cookies used on our website and how you can opt out of using cookies.
EXTERNAL LINKS
Some links on our website may direct you away from our site, for example to Instagram or Facebook. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements. Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Use.
DATA STORAGE AND SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered, or destroyed.
Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements, use Secure Socket Layer (SSL) technology, and implement additional generally accepted industry standards.
Personal information you provide through our website is stored on Shopify's secure servers which include servers outside of Europe including in Canada and the United States.
DATA RETENTION
We are legally required to retain details of financial transactions for six years. Personal information of non-customers is retained for 12 months after the last communication with them unless a request to remove personal information is received within 12 months.
Personal information which is no longer required to be retained is destroyed by permanent removal from the data storage systems that we use.
YOUR RIGHTS
Under the GDPR, you can request access to your personal information, or request correction or deletion of your personal information by writing to us at our office address or by sending us an email. We will reply to a request for access to personal information within one month of that request.
You can withdraw your consent to receive marketing or other communication from us at any time by writing to us or by sending us an email. See the top of this policy for our contact details.
We will require personal verification of an individual’s identify before giving access to, correcting, or deleting personal data. ID such as a passport or driving licence and proof of address may be required. This is to prevent exposure or manipulation of personal information by another person.
We are unable to delete personal information from records which include a financial transaction as we are required to retain these records by law for six years from the date of a transaction.